/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package cz.muni.fi.pa165.rentalofconstructionmachineryweb;

import cz.muni.fi.pa165.rentalofconstructionmachinery.dto.CustomerDTO;
import cz.muni.fi.pa165.rentalofconstructionmachinery.service.CustomerService;
import java.util.ArrayList;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/**
 *
 * @author stefan
 */
public class CustomUserDetailsService implements UserDetailsService {
    
    private final String ADMIN_USERNAME = "admin";
    private final String ADMIN_PASSWORD = "admin";
    private final String REST_USERNAME = "rest";
    private final String REST_PASSWORD = "rest";
    public static final String ROLE_ADMIN = "ROLE_ADMIN";
    public static final String ROLE_USER = "ROLE_USER"; 

    @Autowired
    private CustomerService customerService;
    
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        UserDetails user = null; 
       
        if(ADMIN_USERNAME.equals(username)) {
            
            List<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>(1);
            grantedAuthorities.add(new SimpleGrantedAuthority(ROLE_ADMIN));
            user = new User(ADMIN_USERNAME, ADMIN_PASSWORD, true, true, true, true, grantedAuthorities);
            
        } else if (REST_USERNAME.equals(username)) {
            
            List<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>(1);
            grantedAuthorities.add(new SimpleGrantedAuthority(ROLE_ADMIN));
            user = new User(REST_USERNAME, REST_PASSWORD, true, true, true, true, grantedAuthorities);
            
        } else {
        
            List<CustomerDTO> customers = customerService.getAllCustomers();
            for(CustomerDTO customer : customers) {
                if(customer.getUsername().equals(username)) {
                    List<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>(1);
                    grantedAuthorities.add(new SimpleGrantedAuthority(
                            (customer.getAccessLevel() < 10) ? ROLE_USER : ROLE_ADMIN));
                    user = new User(customer.getUsername(), customer.getPassword(), true, true, true, true, grantedAuthorities);
                    break;
                }
            }
            
        }
        
        if(null == user) throw new UsernameNotFoundException("A Customer having " + username + " name was not found in system");
        return user;
        
    }

}
